<!--  Ofri Keidar 302933981 group 05 -->

<%@page import="model.database.DBException"%>
<%@page import="controller.CmnTransactionsCtrl"%>
<%@page import="view.WebCommons"%>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
	pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="stylesheet" href="../style/myTemplate/style.css"
	type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Change Password</title>
</head>
<body>

	<span class="customHeader2">Change Password</span>

	<%--form to get new password	--%>

	<div id="page">
		<div class="post">

			<div id="sidebar">
				<ul>
					<li>
						<h2>Your attention please</h2>
						<p>Enter your new password, and then repeat it. Make sure that
							you remember your new password ;)</p>
					</li>
				</ul>
			</div>
	
			<div id="content">
				<form METHOD=POST ACTION="ChangePwd.jsp">
					<table>
						<tr>
							<td><span class="customFormValue">Old Password</span></td>
							<td><INPUT TYPE="password" NAME=old
								SIZE=<%=WebCommons.PWD_SIZE%>></td>
						</tr>
						<tr>
							<td><span class="customFormValue">New Password</span></td>
							<td><INPUT TYPE="password" NAME=new
								SIZE=<%=WebCommons.PWD_SIZE%>></td>
						</tr>
						<tr>
							<td><span class="customFormValue">Repeat new password</span></td>
							<td><INPUT TYPE="password" NAME=newCopy
								SIZE=<%=WebCommons.PWD_SIZE%>></td>
						</tr>
					</table>
					<br> <INPUT TYPE=SUBMIT class="mySubmitButton">
				</form>
			</div>

		</div>
	</div>

	<%
	// return to main menu
		String menuPage = (String) session.getAttribute(WebCommons.MAIN_MANU);
	%>
	<div id="footer">
		<span class="myLink"><A HREF="<%="../menus/" + menuPage%>">Back
				to Menu</A></span>
	</div>

	<%
		// check if already submitted details
		if (!(request.getParameter("new") == null || request.getParameter("new").equals(""))) {

			// get controller
			CmnTransactionsCtrl controller = (CmnTransactionsCtrl) session.getAttribute(WebCommons.COMMON_CONTROLLER);

			// extract parameters
			String userName = (String) session.getAttribute(WebCommons.USER_NAME);
			String oldPassword = (String) request.getParameter("old");
			String newPassword = (String) request.getParameter("new");
			String newPasswordCopy = (String) request.getParameter("newCopy");

			// extract password that user has logged in with
			String loggedPassword = (String) session.getAttribute(WebCommons.PASSWORD);

			boolean canChangePwd = true; // inidicates if parameters are correct and can change password 

			// double check password
			if (!newPassword.equals(newPasswordCopy)) {

				// cannot change passowrd
				canChangePwd = false;
					%>
					<span class="notify">Please repeat new password correctly...</span>
					<%
			}

			// verify old password	
			if (!oldPassword.equals(loggedPassword)) {

				// cannot change passowrd
				canChangePwd = false;
					%>
					<span class="notify">Old password is incorrect, please try
						again...</span>
					<%
			}

			if (canChangePwd) { // details are correct, change password

				// change the password
				try {

					boolean couldChange = controller.setPassword(userName, oldPassword, newPassword);

					if (couldChange) {
						%>
						<span class="notify">Password changed successfully!</span>
						<%
					// update new password as logged password
					session.setAttribute(WebCommons.PASSWORD, newPassword);

					} else {
						// display error message
						%>
						<span class="notify">Sorry, password could not be changed. Check
							the old password again...</span>
						<%
					}

				} catch (DBException e) {

					// move to error page
					response.sendRedirect("ErrorPage.jsp");
				}
			}
		}
	%>

</body>
</html>